If you are a Linux fan and user, then the term “hacker” isn’t always a bad thing. Linux users know that there are two different kinds of hackers out there. The first is the kind that develops free software like the Linux kernel, the other is the one that breaks into your computer, steals your identity and racks up huge credit card charges.
Unfortunately, the bad hackers paid a visit to the good hackers earlier in the month by breaking into the Kernel.org website, home to the Linux project. The hackers gained root access to a server known as Hera and then proceeded to compromise multiple servers in the Kernel.org infrastructure.
Website administrators detected the problem this past Sunday, also discovering a number of other very bad things going on in the servers. Among the problems, files were modified, a malicious program was added to the server’s start-up scripts and some user data was logged.
Owners of Kernel.org have contacted law enforcement officials in the United States, as well as Europe, and are in the process of reinstating the infrastructure of the site and figuring out just what exactly happened. Site administrators believe that the hacker(s) may have also stolen a user’s login credentials in order to break into the system. As a result, the site is making each of its 448 users change their passwords and SSH keys.
What makes this hack particularly bothersome is that Kernel.org is where Linux distributors download the source code for the popular Linux operating system’s kernel. However, the website notes that, even with root access, it would be very difficult for a hacker to distribute malicious source code into the Linux kernel without anyone noticing because the change-tracking system used by Linux takes a cryptographic hash of each file at the time it is published.
This kind of compromise has become increasingly common over the past several months. Back in January, servers used by the Fedora Project, which is the community version of Red Hat Enterprise Linux, were hacked. Around the same time, another open-source software development site, known as SourceForge, was also hacked into.
Source: PC World – Hackers Break Into Linux Source Code Site